We are aware of a recently discovered Linux exploit regarding the sudo package. While this is a serious security issue, our team is monitoring the situation very closely with the Linux software providers. InterWorx enables automatic updates by default, unless this behavior has been changed by a NodeWorx administrator, and the new version of the sudo package will be automatically installed soon after it has been released upstream.
How to see if you are vulnerable:
You may check to see if your system is vulnerable by running the following command:
$ sudoedit -s /
If your system returns the following, your system is at risk:
sudoedit: /: not a regular file
If your system returns the following, your system has received the patch:
$ sudoedit -s / usage: sudoedit [-AknS] [-r role] [-t type] [-C num] [-g group] [-h host] [-p prompt] [-T timeout] [-u user] file ...
If your system is not set to receive automatic updates, you may manually update sudo using the “yum” command; however, you may need to enable a specific repo using –enablerepo in conjunction with yum for EL6 or EL7.
Updating EL6 with InterWorx 6:
To update using the NodeWorx UI, go to NodeWorx > Server > Software Updates
yum clean all yum --enablerepo interworx-stable update sudo
Updating EL6 with InterWorx 7:
To update using the Nodeworx UI, go to NodeWorx> Server > Software Updates
yum clean all yum --enablerepo interworx-7-base update sudo
Updating EL7 (All versions of InterWorx):
yum clean all yum --enablerepo base update sudo